summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLev Morgan <lm734y@att.com>2019-02-22 09:24:55 -0600
committerStacey Fletcher <staceylynnfletcher@gmail.com>2019-02-26 20:51:45 +0000
commit2596e7c840d65b15a054131ebecadba8104cf351 (patch)
treebb5be6884eb06effcb37426d422591f2195c194b
parent32a9124c0dd0cc3d0d965e1dc7ee04569c1e1b08 (diff)
Unwrap managed documents before linting
Unwrap managed documents during the linting process before passing them to deckhand, to avoid namespace collisions. Change-Id: I0467560154c737dc664a126241cd56257091125d
Notes
Notes (review): Code-Review+2: Matt McEuen <matt.mceuen@att.com> Code-Review+2: Felipe Monteiro <felipe.monteiro@att.com> Code-Review+2: Aaron Sheffield <ajs@sheffieldfamily.net> Workflow+1: Aaron Sheffield <ajs@sheffieldfamily.net> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Wed, 27 Feb 2019 14:36:35 +0000 Reviewed-on: https://review.openstack.org/638689 Project: openstack/airship-pegleg Branch: refs/heads/master
-rw-r--r--pegleg/engine/lint.py27
-rw-r--r--tests/unit/engine/test_lint.py23
2 files changed, 48 insertions, 2 deletions
diff --git a/pegleg/engine/lint.py b/pegleg/engine/lint.py
index 7b2f725..582df86 100644
--- a/pegleg/engine/lint.py
+++ b/pegleg/engine/lint.py
@@ -276,6 +276,24 @@ def _verify_document(document, schemas, filename):
276 return errors 276 return errors
277 277
278 278
279def _handle_managed_document(doc):
280 """
281 Unwrap a managed document without decrypting it, and convert
282 the data to an ASCII string if necessary. We're just
283 using this so that managed documents and the documents
284 that depend on them can be linted.
285
286 :param dict doc: A YAML document
287 :returns: the processed document
288 :rtype: dict
289 """
290 if "managedDocument" in doc["data"]:
291 doc = doc["data"]["managedDocument"]
292 if isinstance(doc["data"], bytes):
293 doc["data"] = doc["data"].decode("ascii")
294 return doc
295
296
279def _verify_deckhand_render(*, sitename=None, fail_on_missing_sub_src=False): 297def _verify_deckhand_render(*, sitename=None, fail_on_missing_sub_src=False):
280 """Verify Deckhand render works by using all relevant deployment files. 298 """Verify Deckhand render works by using all relevant deployment files.
281 299
@@ -284,7 +302,9 @@ def _verify_deckhand_render(*, sitename=None, fail_on_missing_sub_src=False):
284 all_errors = [] 302 all_errors = []
285 303
286 if sitename: 304 if sitename:
287 documents_to_render = util.definition.documents_for_site(sitename) 305 documents_to_render = [_handle_managed_document(doc) for doc in
306 util.definition.documents_for_site(sitename)]
307
288 LOG.debug('Rendering documents for site: %s.', sitename) 308 LOG.debug('Rendering documents for site: %s.', sitename)
289 _, errors = util.deckhand.deckhand_render( 309 _, errors = util.deckhand.deckhand_render(
290 documents=documents_to_render, 310 documents=documents_to_render,
@@ -296,10 +316,13 @@ def _verify_deckhand_render(*, sitename=None, fail_on_missing_sub_src=False):
296 all_errors.extend(errors) 316 all_errors.extend(errors)
297 else: 317 else:
298 documents_to_render = util.definition.documents_for_each_site() 318 documents_to_render = util.definition.documents_for_each_site()
319
299 for site_name, documents in documents_to_render.items(): 320 for site_name, documents in documents_to_render.items():
321 clean_documents = [_handle_managed_document(doc) for doc
322 in documents]
300 LOG.debug('Rendering documents for site: %s.', site_name) 323 LOG.debug('Rendering documents for site: %s.', site_name)
301 _, errors = util.deckhand.deckhand_render( 324 _, errors = util.deckhand.deckhand_render(
302 documents=documents, 325 documents=clean_documents,
303 fail_on_missing_sub_src=fail_on_missing_sub_src, 326 fail_on_missing_sub_src=fail_on_missing_sub_src,
304 validate=True, 327 validate=True,
305 ) 328 )
diff --git a/tests/unit/engine/test_lint.py b/tests/unit/engine/test_lint.py
index ce096c4..5abaf48 100644
--- a/tests/unit/engine/test_lint.py
+++ b/tests/unit/engine/test_lint.py
@@ -19,6 +19,8 @@ from pegleg.engine.errorcodes import DECKHAND_DUPLICATE_SCHEMA
19from pegleg.engine.errorcodes import DECKHAND_RENDER_EXCEPTION 19from pegleg.engine.errorcodes import DECKHAND_RENDER_EXCEPTION
20from pegleg.engine.util import deckhand 20from pegleg.engine.util import deckhand
21from pegleg.engine.util import files 21from pegleg.engine.util import files
22from pegleg.engine.util.pegleg_managed_document \
23 import PeglegManagedSecretsDocument
22from tests.unit.fixtures import create_tmp_deployment_files 24from tests.unit.fixtures import create_tmp_deployment_files
23 25
24 26
@@ -179,6 +181,27 @@ def test_verify_deckhand_render_error_handling(mock_render):
179 errors) == exp_dict['exp1'] + exp_dict['exp2'] + exp_dict['exp3'] 181 errors) == exp_dict['exp1'] + exp_dict['exp2'] + exp_dict['exp3']
180 182
181 183
184def test_handle_managed_document():
185 not_managed = {
186 "schema": "pegleg/FakeSchema/v1",
187 "metadata": {
188 "schema": "metadata/Document/v1",
189 "layeringDefinition": {
190 "abstract": "false",
191 "layer": "site"
192 },
193 "name": "fakesite",
194 "storagePolicy": "cleartext"
195 },
196 "data": "None"
197 }
198
199 managed = PeglegManagedSecretsDocument(not_managed).pegleg_document
200
201 assert lint._handle_managed_document(not_managed) == not_managed
202 assert lint._handle_managed_document(managed) == not_managed
203
204
182def _deckhand_render_exception_msg(errors): 205def _deckhand_render_exception_msg(errors):
183 """ 206 """
184 Helper function to create deckhand render exception msg. 207 Helper function to create deckhand render exception msg.